• Hi guest! As you can see, the new Wizard Forums has been revived, and we are glad to have you visiting our site! However, it would be really helpful, both to you and us, if you registered on our website! Registering allows you to see all posts, and make posts yourself, which would be great if you could share your knowledge and opinions with us! You could also make posts to ask questions!

Rewriting an application that runs on Debian/Ubuntu from PHP to Python, will it be made more secure in doing so?

Diluculo_DelFuego

Diluculo_DelFuego

Magus
Joined
Sep 9, 2021
Messages
9,679
Reaction score
5,211
Awards
32
Rewriting an application that runs on Debian/Ubuntu from PHP to Python, will it be made more secure by doing so?
The server in question runs the OS, Apache, Nginx, a handful of core apps and a trio of security apps.
The server is audited through Center for Information Studies audit checklists, and runs bash background scripts as security proactive monitors.

So is it worth it to make the server more secure? Its inherently designed insecure based on our needs.
 
SkullTraill

SkullTraill

Glorious Light of Knowledge and Power
Staff member
Custodian
Librarian
Joined
Apr 12, 2021
Messages
1,850
Reaction score
15,331
Awards
19
Modern PHP is pretty secure, so probably not unless the PHP was written by someone with less experience and you have a lot of experience with Python.

There is probably not much fundamental and inherent lack of security in either of these languages, so as long as you know what you're doing you could write something very secure in both of them.

Switching languages is rarely ever the most logical move when it comes to the goal of improving security.
 
Jarhyn

Jarhyn

Acolyte
Joined
Jan 27, 2022
Messages
289
Reaction score
258
Awards
3
Security comes down more to the constraints in a network and it's open ports of communication than what language certain things are done in.

What is important is that whatever framework you are using, the underlying packet service architecture (the "stack") does not allow aberrations of data through, and that the system cannot allow "arbitrary requests".

In many ways it is more about what you are doing with the page: if the web server can both be caused to output some arbitrary string to a file and then be forced to execute that file as a script, that's where you get hacked from.

I agree with SkullTraill too: porting your code to a new language will almost always open more holes than it closes.
 
Diluculo_DelFuego

Diluculo_DelFuego

Magus
Joined
Sep 9, 2021
Messages
9,679
Reaction score
5,211
Awards
32
Okie dokie., one less project, so can concentrate on reconfiguration post install. And the audit.
 
Incognitus

Incognitus

Lead Transcriber
Joined
May 30, 2021
Messages
341
Reaction score
629
Awards
10
Long time PHP and Python programmer here… no, switching to Python in itself will not be more secure. For both scripting languages, the application has to be securely written. Both languages will let you do stupid things and leave gaping holes.

Personally, I like Python more anyways, but if you are expecting it to be “more secure” than PHP out of the box, no, that is not a thing.
 
Diluculo_DelFuego

Diluculo_DelFuego

Magus
Joined
Sep 9, 2021
Messages
9,679
Reaction score
5,211
Awards
32
Cool. Thanks all!
Post automatically merged:

This thread came be closed. I'm no longer on that project.
Post automatically merged:

This thread can be closed that is.
 
Last edited:
You must log in or register to reply here.
Top